Hi all
I’m facing a CORS issue when trying to hit the logout API (i’m hitting it from a backend handler after being redirected to there from the front end. Im supplying the id token as well. )
I have the base URL set up under trusted origins for redirect as well as CORS, also have the logout url setup under application general settings
Hi,
The OIDC logout endpoint is not meant to be called from a backend service, it should be redirected to from within the browser.
https://developer.okta.com/docs/guides/sign-users-out/android/before-you-begin/ has more information.
1 Like
Hi @dzeller thanks for your response!
wouldn’t that involve exposing the id_token in the URL?
Is there a way around doing that?
This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.